Bidirectional communication certification mechanism

ABSTRACT

The present invention is to provide a bidirectional communication certification mechanism, which comprises the steps of receiving a call-in message transmitted from a phone of a user, capturing a phone number and a temporary password transmitted from the phone, saving the phone number and temporary password into a number database, receiving and reading a game account, a game password, the phone number and the temporary password included in a login request message transmitted from a terminal device of the user, comparing the same with user data stored in a user database, and allowing the terminal device to finish a login procedure when the phone number and temporary password are existed in the user database. Since the phone number and the temporary password are preset by the user, it will ensure the terminal device to safely login a game server and efficiently lower down the stolen risk of the game account.

FIELD OF THE INVENTION

The present invention relates to a communication certificationmechanism, more particularly to a bidirectional communicationcertification mechanism which enables a user (i.e. a client) to presetat least one phone number when the user registers to become a member ofan online game and then, when the user wants to login the online game,enables the user to use the preset phone number to set a temporarypassword for finishing the login procedure.

BACKGROUND OF THE INVENTION

Presently, with the popularization of broadband networks, the typediversity of online games (such as strategy type, shooting type, actiontype, large-scale multiplayer online role-playing game, etc.) and theincrease of online game functions (such as community, friend, etc.), amarket research company “In-Stat” estimates that the total income ofAsia-pacific online gaming market can be up to 21.1 billion dollarsbetween 2008 and 2013. Thus, a so-called “home economy” based on onlinegames becomes a new business model, so that more and more game providersgradually combine online games with other hardware products or providecross-industry value-added services for increasing the profit.

Generally, when a user uses a value-added service on a website providedby a game provider or purchases a virtual treasure in a main online game(such as Lineage, MapleStory, CrazyRacing, etc.), the user must usevirtual money issued by the game provider for shopping. The sources ofvirtual money are approximately classified into two types: a first typeis money which can be obtained by the user during the user plays themain online game for executing tasks, fighting monsters, performingactions, etc., and a second type is money which is exchanged by usingactual money. Because the virtual money has the function of purchasingservices or virtual tools, most of users consider the virtual money asone type of individual properties and carefully protect it. Meanwhile,because the virtual money is belonged to the individual game account andhas actual value effect, the acts of stealing online game accounts causethe trouble of the game providers and the users. To solve this problem,the game providers gradually provide various protection measures forincreasing the safety of the online game accounts and lowering thestolen risk of the online game accounts.

Nowadays, the most common protection measure is to set a specific gamepassword for the online game account by the user, wherein the passwordis preset to only include limited characters, such as equal to or lessthan 10 characters which must simultaneously include Englishuppercase/lowercase letter and number, in order to increase thecomplexity of the password and lower the cracked possibility thereof. Inaddition, when the user want to login an online game server, some gameproviders provide a random keyboard, i.e. a keyboard image shown in anoperational window has random arranged English letters and numbers forbeing clicked by using a mouse to input the user's password. Thus, itcan prevent a key logger software (i.e. a software capable of capturingand recording code values of pressed keys after the keys of the keyboardare pressed) in the user's computer from stealing the user's gamepassword. However, the foregoing protection measure is only used tochange the game password. Once an illegal account stealer obtains theuser's game password, the stealer can completely control the user's gamepassword and then steal virtual money, virtual treasures, game playersor value-added services in the user's game password, so as to cause theright loss of the user. Moreover, after the user's game password isstolen, the user may think that all efforts in the online game are lost,so as to want to give up the online game or change to play anotheronline game. Therefore, the profit of the original online game providermay be lost.

As a result, it is important for game designers to think how to design acommunication certification mechanism with higher safety, in order tolower the stolen probability of the user's game account and to providesafer game environment to obtain the user's trust for the purpose ofmaintaining and increasing the market share of the game provider.

It is therefore tried by the inventor to develop a bidirectionalcommunication certification mechanism to provide safer online games forsolving the problems existing in the login method of traditional onlinegames that can not completely protect online game accounts of users tocause the right loss of the user and the user loss of original customersof the game provider, as described above.

BRIEF SUMMARY OF THE INVENTION

A primary object of the present invention is to provide a communicationcertification system of a bidirectional communication certificationmechanism, which comprises an interactive voice module, a communicationlock server and a game server, wherein the interactive voice module isconnected to a voice communication network and the communication lockserver, respectively. The interactive voice module can receive a call-inmessage transmitted from a phone through the voice communicationnetwork, then capture a phone number corresponding to the call-inmessage and a temporary password included at least one key code valuetransmitted after the phone is connected, and transmit the phone numberand the temporary password to the communication lock server.Furthermore, the communication lock server is further connected to thegame server, and provided with a number database and a timing proceduretherein, wherein the number database can save the phone number and thetemporary password received by the communication lock server, while thetiming procedure can start to time when the number database receives thephone number and the temporary password and delete the phone number andthe temporary password after a predetermined time. Moreover, the gameserver is further connected to the Internet, and link to a terminaldevice of a user (i.e. a client) through the Internet, wherein the gameserver has a user database therein and the user database stores aplurality of user data. When the game server receives a login requestmessage of communication lock transmitted from the terminal device, agame account, a game password, a phone number and a temporary passwordincluded in the login request message of communication lock will becompared with the user data in the user database, while thecommunication lock server will be certificated if a matched phone numberand a corresponding temporary password are existed in the communicationlock server. If the certification of the communication lock server iscorrect, the terminal device is allowed to finish a login procedure. Asa result, the communication certification mechanism of the presentinvention not only can provide functions of certificating the gameaccount and the game password of a user, but also can provide functionsof certificating the phone number predetermined by the user and-thetemporary password preset by the user. Thus, the safety of the user'sterminal device to login the game server can be ensured, while thestolen risk of the game account can be efficiently lowered down.

A secondary object of the present invention is to provide acommunication certification method of a bidirectional communicationcertification mechanism, which is applied to the foregoing communicationcertification system, so that the terminal device of the user can set atemporary password through a predetermined phone number before the loginprocedure of the terminal device into the game server, wherein thetemporary password is matched with the game account and the gamepassword for finishing the entire login procedure to increase the safetyof the user's game account. The communication certification methodcomprises steps of: providing an interactive voice module to capture aphone number corresponding to a call-in message by an interactive voicemodule after receiving the call-in message transmitted from a phone, toreceive a temporary password transmitted from the phone after the phoneis connected, and to transmit the phone number and the temporarypassword to a communication lock server; providing the communicationlock server to save the phone number and the temporary password in anumber database after receiving the phone number and the temporarypassword, to execute a timing procedure, and to delete the phone numberand the temporary password after a predetermined time; providing a gameserver to read a game account, a game password, a phone number and atemporary password included in the login request message ofcommunication lock after receiving a login request message ofcommunication lock transmitted from the terminal device, to compare thegame account, the game password and the phone number with user data in auser database, and to transmit a certification message to thecommunication lock server after comparing to find out a complete matcheduser data, in order to certificate if a matched phone number and acorresponding temporary password are existed in the communication lockserver, to allow the terminal device to login the game server afterpassing the certification. As a result, the phone number can be presetby the user, and the user must finish the login procedure of theterminal device within the predetermined time after presetting thetemporary password, in order to login a game of the game server or use aservice provided by a game provider. Thus, the stolen risk of the user'sgame account completely controlled by a stealer can be lowered down.

To achieve the above objects, a communication certification system of abidirectional communication certification mechanism of a preferredembodiment of the present invention comprises: an interactive voicemodule connected to a voice communication network for receiving acall-in message transmitted from a phone and capturing a phone numbercorresponding to the call-in message, so as to obtain a temporarypassword transmitted from the phone; a communication lock serverconnected to the interactive voice module for transmitting messages toeach other and for saving the phone number and the correspondingtemporary password transmitted from the interactive voice module; and agame server connected to the Internet for receiving a login requestmessage of communication lock transmitted from a terminal device,wherein the game server stores a plurality of user data, each of whichincludes a game account, a game password and at least one phone number;wherein the game server compares the game account, the game password andthe phone number included in the login request message of communicationlock with the user data in a case that the game server receives a loginrequest message of communication lock, and the game server transmits acertification message to the communication lock server after comparingto find out a complete matched user data, and the terminal device isallowed to login the game server if certificating that a phone numberand a corresponding temporary password matched with the login requestmessage of communication lock are existed in the communication lockserver.

In one embodiment of the present invention, the communication lockserver is provided with a number database therein for saving the phonenumber and the corresponding temporary password.

In one embodiment of the present invention, the game server has a userdatabase therein for storing the user data.

In one embodiment of the present invention, the communication lockserver is further provided with a timing procedure, the timing procedurecan start to time in a case that the communication lock server saves thereceived phone number and the corresponding temporary password in thenumber database, and the communication lock server can delete the phonenumber and the corresponding temporary password if a predetermined timeof the timing procedure is exceeded.

In one embodiment of the present invention, the interactive voice moduleis an interactive voice response system.

On the other hand, a communication certification method of abidirectional communication certification mechanism is applied to acommunication certification system, the method comprises: capturing aphone number corresponding to a call-in message after receiving thecall-in message transmitted from a phone; receiving a temporary passwordtransmitted from the phone after the phone is connected; saving thephone number and the temporary password in a number database; receivinga login request message of communication lock transmitted from aterminal device; reading a game account, a game password, a phone numberand a temporary password included in the login request message ofcommunication lock, and then comparing the game account, the gamepassword and the phone number with user data in a user database; andcertificating if a matched phone number and a corresponding temporarypassword are existed in the number database after comparing to find outa user data complete matched with the game account, the game passwordand the phone number, and then allowing the terminal device to finish alogin procedure after passing the certification.

One embodiment of the present invention further comprises: denying theterminal device to finish the login procedure if comparing to find nomatched user data.

One embodiment of the present invention further comprises: denying theterminal device to finish the login procedure if comparing to find nomatched phone number and corresponding temporary password existed in thenumber database.

In one embodiment of the present invention, the communication lockserver is provided with further provided with a timing procedure, andthe communication certification method further comprises: starting thetiming procedure; and determining if a predetermined time of the timingprocedure is exceeded.

One embodiment of the present invention further comprises: deleting thephone number and the corresponding temporary password if determiningthat the predetermined time of the timing procedure is exceeded.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

The structure and the technical means adopted by the present inventionto achieve the above and other objects can be best understood byreferring to the following detailed description of the preferredembodiments and the accompanying drawings, wherein:

FIG. 1 is a schematic view of a communication certification systemaccording to a preferred embodiment of the present invention;

FIG. 2 is a schematic view of a web window viewed by a user according tothe preferred embodiment of the present invention;

FIG. 3A is a flowchart of a communication certification method accordingto the preferred embodiment of the present invention;

FIG. 3B is a continued flowchart of the communication certificationmethod in FIG. 3A; and

FIG. 4 is a flowchart of executing a timing procedure according to thepreferred embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention is related to a bidirectional communicationcertification mechanism which can firstly preset at least one phonenumber when a user (i.e. a client) registers to become a member of anonline game. Then, when a terminal device of the user wants to login agame server of the online game to play the online game or use an onlineservice provided by a game provider, the user must use the predeterminedphone number and then set a temporary password. In a login procedure,the user must correctly input a game account, a game password, the phonenumber and the temporary password for finishing the login procedure.Thus, even though the game account and the game password of the user areinadvertently leaked, the safety of the game account still can beensured.

Referring now to FIG. 1, a communication certification system of abidirectional communication certification mechanism according to apreferred embodiment of the present invention is illustrated. As shown,the communication certification system designated by numeral 1 comprisesan interactive voice module 11, a communication lock server 13 and agame server 15, wherein the interactive voice module 11 is connected toa voice communication network 2 and the communication lock server 13,respectively, for transmitting messages to the voice communicationnetwork 2 or the communication lock server 13. After the interactivevoice module 11 receives a call-in message transmitted from a phone 21of a user (i.e. a client), the interactive voice module 11 can capture aphone number corresponding to the call-in message. After the phone 21 isconnected, the interactive voice module 11 can receive a temporarypassword transmitted from the phone 21 of the user. After this, theinteractive voice module 11 can transmit the phone number and thetemporary password to the communication lock server 13. In the preferredembodiment, the interactive voice module 11 is an interactive voiceresponse (IVR) system. In other words, when the phone 21 of the usertransmits a call-in message to the interactive voice module 11 throughthe voice communication network 2, the interactive voice module 11 canautomatically connect to the phone 21 and provide at least one command(such as “please input your preset temporary password”) to the useraccording to a predetermined voice procedure. Then, the user can inputsuitable options by pressing keys (such as pressing a key of 1, 2 or 3)according to the command of the interactive voice module 11, so that theinteractive voice module 11 can execute corresponding processes (such asto save key code values of 1, 2 and/or 3 as a temporary password)according to the received key code values. However, in other embodimentof the present invention, a game provider also can hire operators toquery and answer one by one and manually input information provided bythe user. Thus, if a module can capture the phone number correspondingto the call-in message and record the temporary password preset by theuser, the module can be used as the interactive voice module 11 of thepresent invention, without limitation.

As described above, referring to FIG. 1 again, the communication lockserver 13 is further connected to the game server 15 for transmittingmessages to each other, while the communication lock server 13 isprovided with a number database 131 therein. When the communication lockserver 13 receives the phone number and the temporary passwordtransmitted from the interactive voice module 11, the communication lockserver 13 can save the phone number and the corresponding temporarypassword in the number database 131. In addition, the communication lockserver 13 is further provided with a timing procedure 132. When thephone number and the corresponding temporary password are saved in thenumber database 131, the timing procedure 132 can start to time and thecommunication lock server 13 will delete the phone number and thetemporary password after a predetermined time (such as 3 Mins).Therefore, because the temporary password is not permanently saved inthe communication lock server 13 and can be easily changed by the userto provide the changeability, the risk of being controlled by an illegaluser can be lowered down. Moreover, the game server 15 is furtherconnected to the Internet 3, and link to a terminal device 31 of theuser (such as a personal computer, a notebook computer, etc.) throughthe Internet 3, wherein the game server 15 has a user database 151therein and the user database 151 stores a plurality of user data. Eachof the user data includes a game account, a game password and at leastone phone number. When the game server 15 receives a login requestmessage of communication lock transmitted from the terminal device 31 ofa user, the game server 15 can read a game account, a game password, aphone number and a temporary password included in the login requestmessage of communication lock, and then compare the game account, thegame password and the phone number included in the login request messageof communication lock with the game account, the game password and thephone number included in the user data in the user database 151. Aftercomparing to find out a complete matched game account, game password andphone number of a user data, the game server 15 transmits acertification message (including the phone number and the temporarypassword) to the communication lock server 13, in order to certificateif a matched phone number and a corresponding temporary password areexisted in the communication lock server 13. If a matched phone numberand a corresponding temporary password are existed in the communicationlock server 13, the terminal device 31 can pass the certification, sothat the terminal device 31 is allowed to login the game server 15.Thus, the user can enter an online game or use an online serviceprovided by a game provider through the terminal device 31. If a matchedphone number and a corresponding temporary password are not existed inthe communication lock server 13 (such as the phone number and thetemporary password are deleted; or the phone number for presetting thetemporary password is wrong), the terminal device 31 can not pass thecertification, so that the terminal device 31 is denied to login thegame server 15.

Therefore, referring still to FIG. 1, according the communicationcertification system 1, before the terminal device 31 of the userfinishes the entire login procedure (i.e. login the game server 15), theuser must use the predetermined phone number to set a temporarypassword. After the terminal device 31 of the user is linked to a webwindow of the game server 15 (as shown in FIG. 2), the user only needsto input the individual game account, the game password, thepredetermined phone number and the temporary password of the user. Thus,after passing the certification, the terminal device 31 can login thegame server 15. In addition, the communication lock server 13 of thegame provider is provided with the timing procedure 132 to delete thetemporary password and the phone number preset by the user after apredetermined time. Thus, the user needs not worry about inadvertentleakage of the temporary password to cause the game account to bestolen. Moreover, the temporary password is only preset by user beforethe user wants to play the game, so that the user can randomly changethe temporary password without worrying to forget the temporarypassword, so as to increase the operational convenience of the user.

Referring now to FIGS. 1, 3A and 3B, to clearly disclose the technicalfeature of the bidirectional communication certification mechanismaccording to the present invention, a communication certification methodof the present invention is further described, as follows:

In a step 101, determining if the interactive voice module 11 receives acall-in message transmitted from a phone 21; if yes, going to a step102; and if not, going back to the step 101;

In the step 102, capturing a phone number corresponding to the call-inmessage by the interactive voice module 11, and connecting the phone 21,and then going to a step 103;

In the step 103, receiving a temporary password transmitted from thephone 21 by the interactive voice module 11, and then going to a step104;

In the step 104, transmitting the phone number and the temporarypassword to the communication lock server 13 and saving the phone numberand the temporary password to the number database 131 the communicationlock server 13 by the interactive voice module 11, and then going to astep 105;

In the step 105, determining if the game server 15 receives a loginrequest message of communication lock transmitted from a terminal device31; if yes, going to a step 106; and if not, going back to the step 105;

In the step 106, comparing data included in the login request message ofcommunication lock with the user data included in the user database 151by the game server 15, in order to determine if there are matched gameaccount, game password and phone number; if yes, going to a step 107;and if not, going to a step 109;

In the step 107, transmitting a certification message to thecommunication lock server 13 by the game server 15, in order tocertificate if a matched phone number and a corresponding temporarypassword are existed in the communication lock server 13; if yes, goingto a step 108; and if not, going to the step 109;

In the step 108, allowing the terminal device 31 to login the gameserver 15; and

In the step 109, denying the terminal device 31 to login the game server15. Therefore, according to the foregoing communication certificationmethod, the user must use the predetermined phone number to set atemporary password to finish the entire login procedure before theterminal device 31 of the user logins the game server 15. Thus, in acase that the game account and the game password of the user are stolenby an illegal user, the illegal user can not simultaneously obtain thephone number of the user, so that the illegal user can not control thegame account of the user. As a result, the safety of the user's gameaccount is efficiently ensured. For example, a game account of a user“A” is “LIO”, a game password thereof is “0000” and a predeterminedphone number is “1234567”. If an illegal user “B” firstly steals thegame account, the game password and the phone number of the user “A” andthen presets a temporary password through another phone number“7654321”, the game server will determine that the phone number“7654321” of the number database is different from the phone number“1234567” in the user data of the user “A”, so as to deny the terminaldevice of the user “B” to login the game server. As a result, the user“B” can not completely control the game account of the user “A”, and cannot steal virtual money, virtual treasures or value-added services inthe game account of the user “A”. Therefore, the bidirectionalcommunication certification mechanism according to the present inventioncan be used to efficiently increase the safety of the game account ofthe user.

Furthermore, to ensure the reliability of the temporary password, thecommunication lock server 13 can further execute the timing procedure132 after receiving the phone number and the temporary password.Referring now to FIGS. 1 and 4, the process flowchart of the timingprocedure 132 is described, as follows:

In a step 201, determining if receiving the phone number and thetemporary password; if yes, going to a step 202; and if not, going backto the step 201;

In the step 202, saving the phone number and the temporary password tothe number database 131 and executing the timing procedure 132, and thengoing to a step 203;

In the step 203, determining if a predetermined time of the timingprocedure 132 is exceeded; if yes, going to a step 204; and if not,going back to the step 203; and

In the step 204, deleting the phone number and temporary passwordcorresponding to the timing procedure 132.

Generally, the predetermined time of the timing procedure 132 is presetnot too long, and the user will immediately use the terminal device 31to login the game server 15 for playing the game after presetting thetemporary password. In this case, an illegal user can not use the samegame account to repeat login the game server 15, while the temporarypassword is rapidly deleted after a predetermined time. Thus, eventhough the illegal user obtains the temporary password, the illegal userstill can not control the game account of the user. As a result, thesafety of the game account can be efficiently ensured and increased,while the user needs not worry about the possible lost of the temporarypassword.

As described above, according to the bidirectional communicationcertification mechanism of the present invention, when the user finishesthe entire login procedure, the user needs to input the game account andthe game password, and then needs to further input the predeterminedphone number and use the temporary password preset through the phonenumber for finishing the login procedure. Thus, the stolen risk of theuser's game account completely controlled by the illegal user can belowered down. Meanwhile, after the user presets the temporary password,the terminal device of the user must finish the login procedure within apredetermined time (such as 3 mins) for successfully logging in the gameor starting the services provided by the game provider. As a result, thesafety of the game account can be further efficiently increased.

It should be noted that the present invention are not limited to theterms used in the preferred embodiment thereof, and the person skilledin the art can understand that the method concept of the presentinvention can be implement by other structures, devices and systems tocarry out the same object of the present invention. Thus, the claims ofthe present invention should include equivalent structures withoutdeparting from the scope and the spirit of the invention. Furthermore,although the preferred embodiment of the present invention is describedby a plurality of servers and databases, the servers and databases areonly used to conveniently help the person skilled in the art to rapidlyunderstand the content and concept of the specification of the presentinvention without limiting to the foregoing hardware system framework.In actual implementation, the person skilled in the art can integrate aplurality of servers or databases into one unit or integrate theinteractive voice module into the server according to the technicalfeature of the present invention, without limitation.

The present invention has been described with a preferred embodimentthereof and it is understood that many changes and modifications to thedescribed embodiment can be carried out without departing from the scopeand the spirit of the invention that is intended to be limited only bythe appended claims.

1. A communication certification system of a bidirectional communicationcertification mechanism, comprising: an interactive voice moduleconnected to a voice communication network for receiving a call-inmessage transmitted from a phone and capturing a phone numbercorresponding to the call-in message, so as to obtain a temporarypassword transmitted from the phone; a communication lock serverconnected to the interactive voice module for transmitting messages toeach other and for saving the phone number and the correspondingtemporary password transmitted from the interactive voice module; and agame server connected to the Internet for receiving a login requestmessage of communication lock transmitted from a terminal device,wherein the game server stores a plurality of user data, each of whichincludes a game account, a game password and at least one phone number;wherein the game server compares the game account, the game password andthe phone number included in the login request message of communicationlock with the user data in a case that the game server receives a loginrequest message of communication lock, and the game server transmits acertification message to the communication lock server after comparingto find out a complete matched user data, and the terminal device isallowed to login the game server if certificating that a phone numberand a corresponding temporary password matched with the login requestmessage of communication lock are existed in the communication lockserver.
 2. The communication certification system according to claim 1,wherein the communication lock server is provided with a number databasetherein for saving the phone number and the corresponding temporarypassword.
 3. The communication certification system according to claim2, wherein the game server has a user database therein for storing theuser data.
 4. The communication certification system according to claim3, wherein the communication lock server is further provided with atiming procedure, which is started to time in a case that thecommunication lock server saves the received phone number and thecorresponding temporary password in the number database, and thecommunication lock server deletes the phone number and the correspondingtemporary password if a predetermined time of the timing procedure isexceeded.
 5. The communication certification system according to claim4, wherein the interactive voice module is an interactive voice responsesystem.
 6. A communication certification method of a bidirectionalcommunication certification mechanism, applied to a communicationcertification system, the method comprising: capturing a phone numbercorresponding to a call-in message after receiving the call-in messagetransmitted from a phone; receiving a temporary password transmittedfrom the phone after the phone is connected; saving the phone number andthe temporary password in a number database; receiving a login requestmessage of communication lock transmitted from a terminal device;reading a game account, a game password, a phone number and a temporarypassword included in the login request message of communication lock,and then comparing the game account, the game password and the phonenumber with user data in a user database; and certificating if a matchedphone number and a corresponding temporary password are existed in thenumber database after comparing to find out a user data complete matchedwith the game account, the game password and the phone number, and thenallowing the terminal device to finish a login procedure after passingthe certification.
 7. The communication certification method accordingto claim 6, further comprising: denying the terminal device to finishthe login procedure if comparing to find no matched user data.
 8. Thecommunication certification method according to claim 6, furthercomprising: denying the terminal device to finish the login procedure ifcomparing to find no matched phone number and corresponding temporarypassword existed in the number database.
 9. The communicationcertification method according to claim 6, wherein the communicationlock server is provided with further provided with a timing procedure,and the communication certification method further comprises: startingthe timing procedure; and determining if a predetermined time of thetiming procedure is exceeded.
 10. The communication certification methodaccording to claim 9, further comprising: deleting the phone number andthe corresponding temporary password if determining that thepredetermined time of the timing procedure is exceeded.